Student Solution

-->

"Education is the most powerful weapon which you can use to change the world”
– Nelson Mandela

1 University

1 Course

1 Subject

Security Risk Management _Lab 07

Security Risk Management _Lab 07

Q 1. What is the goal and purpose of a business impact analysis (BIA)?2. Why is a business impact analysis (BIA) an important first step in defining a business continuity plan (BCP)?3. What is the definition of recovery time objective (RTO)? Why is this important to define in an IT Security Policy Definition as part of the business impact analysis (BIA) or business continuity plan (BCP)?4. How do risk management and risk assessment relate to a business impact analysis (BIA) for an IT infrastructure?5. True or false: If the recovery point objective (RPO) metric does not equal the recovery time objective (RTO), you can potentially lose data that might not be backed up. This represents a gap in potential lost or unrecoverable data.

View Related Questions

Solution Preview

Answer: The business impact analysis evaluates how a business operation would be affected by the disaster or an accident. So, it can be stated that the goal of this process is to find the magnitude of the impact of a disaster on the core operation of the business. Answer: The business continuity plan is a disaster recovery plan that guides how to operate the business in the post disaster time. To develop this plan one as to know the impact of the disaster on the business operation and then only the suitable solution can be made. For this reason, the business impact analysis is the first step of the business continuity plan.